Slow traffic when gateway rule is configured.

I have the latest pfSense installed with two Internet connections (T1 & Cable). Because our cable is unreliable, our default route is our T1. To get better speed, I set up a Gateway Group named "Load_Balanced" that prefers the Cable gateway and includes the T1 gateway. I added a Rule so that traffic destined to the Internet via ports 80 or 443 are routed through the Load_Balanced gateway.

This has worked well since January. Recently (I can't tell when), the Internet connection slowed to a crawl, so I did some testing. Here's what I found:

I'm testing network speed using a web browser and a utility from www.speedtest.net. I have the web server connected to a network switch on our Cable WAN network (along with our cable modem). With no specific rules, I can connect to this server and get 80-90 Mbps download speed. BUT when I add a rule that tells my traffic (by specific port destination or by source IP address) to use that network (by setting a gateway for that rule), my download speed drops to about 10 Mbps.

I'm looking for ideas on how to further troubleshoot this problem, and I'm looking for anyone else who's experienced significant slowdown of Internet speed after updating pfSense so we can compare configurations.

I have the same problem. Gateway group routing is delaying TCP connections.

I have done some tcpdumps and it's clear that there's a 3 seconds delay (aprox) sending the first syn packet. Once connection is established the traffic flows as usual but this initial delay is a big problem.

UPDATE: For my situation, in our live environment I found a rule that was causing our traffic to go over a slower link. Once I fixed that, I was less interested in why I had this problem in the test environment and quit researching.

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.